SecureAuth Named a Leader in KuppingerCole Leadership Compass Report for Customer Identity and Access Management

Managing Customer Portal Authentication

Dr. Abdulrahman Kaitoua
June 17, 2019

Get the latest from the SecureAuth Blog

Knock, knock. Who’s there? Robin. Robin who? Robin YOU, now hand over the cash.  Yes, this blog is starting with a knock knock joke, but it is very germane to this discussion.  As most every company across the globe has moved to some level of customer portal or self-service model, it has also opened up a he opportunity for cyber criminals to enter your network through fraudulent means in order to hold your company for ransom, or even worse damage your data or reputation.

Customer Portals Abound

In case you have been hiding under a rock for the last decade, the concept of a customer portal has taken over as the primary vehicle for companies to service their ever-changing and often fickle customer base.  According to a blog titled “The Rise of Customer Portals and Self-help Customer Service”:

“A self-service portal is an internal system requiring a customer username and password to access information for personal research. The customer can see details about his/her account, view past history, review case outcomes, determine whether they are still open, etc. The customer can research issues he/she is having with a company’s product or service. Customers can identify cases and solutions that are similar to the problems they are currently experiencing, and create a new case if no similar cases can be found.

A customer portal, also an internal system, is an extension of a self-service portal, also accessed via username and password. The customer portal allows deeper access and more functionality in reviewing cases and solutions. The portal is custom-built for a specific business and can be further personalized as needed. The user can add tabs, conduct advanced searches, create new records, save articles and ideas, and more.”

As you can imagine, the return on investment for moving to this service model is huge, but a new challenge manifests in the process.  You see that the description of the customer portal started with the need for each customer to have their own username and password in order to access these benefits, and therein lies the huge challenge.

Authentication Is a Huge Challenge

As we have reported on numerous occasions, data breaches seem to have become a daily occurrence. And even more specific to this blog, data breaches that happen because of partner portal mishaps. Most recently “LabCorp Confirms 7.7M Customers Exposed by Data Breach from AMCA Payment Portal” and this appears to be just one a number of announcements from AMCA customers.

It will also help your research to start with the 10 Identify Management Priorities to Consider courtesy of the Enterprise Management Associates.

Ensuring Customer Authentication Can Save $Millions 

The only way to ensure your customer portals are protected from identity authentication fraud is for you to stop the failed password strategy and move on to a new password-less solution of continuous authentication. In doing so you will save the $millions in lost revenue and potential brand disgrace of negative publicity for a breach.

Acceptto’s eGuardian engine continuously creates, and monitors user behavior profiles based on the user interaction with the It’sMe authenticator. Every time an activity occurs, actionable intelligence is gathered and used to optimize the user profile. eGuardian is capable of autonomously and continually learning new policies and adapting existing ones. While policies can still be manually defined and contribute to the computation, our Biobehavioral AIML approach automatically finds the optimal policy for each transaction. eGuardian leverages a mixture of AI & ML, expert systems and SMEs to classify, detect, and model behavior, and assign real-time risk scores to continuously validate your identity prior to, during and post-authentication.


Download the Enterprise Management Associates’ Ten Priorities For Identity Management in 2019 today and then check out what Acceptto can do to ensure your employees, partners and customers can authenticate without passwords and still ensure security and privacy registering for a free demo today.



Related Stories

Pin It on Pinterest

Share This